SAA-C03 · Question #339
SAA-C03 Question #339: Real Exam Question with Answer & Explanation
The correct answer is C: Deploy an S3 gateway endpoint to the VPC. Configure the EC2 instances to access the S3. Using S3 gateway endpoints allows private and cost-free access to S3 without routing traffic through a NAT gateway. NAT gateway traffic incurs charges, especially when used across multiple Availability Zones. By using an S3 gateway endpoint, EC2 instances in private subnets can a
Question
A company hosts a web application in a VPC on AWS. A public Application Load Balancer (ALB) forwards connections from the internet to an Auto Scaling group of Amazon EC2 instances. The Auto Scaling group runs in private subnets across four Availability Zones. The company stores data in an Amazon S3 bucket in the same Region. The EC2 instances use NAT gateways in each Availability Zone for outbound internet connectivity. The company wants to optimize costs for its AWS architecture. Which solution will meet this requirement?
Options
- AReconfigure the Auto Scaling group and the ALB to use two Availability Zones instead of four. Do
- BCreate a new, smaller VPC that still has sufficient IP address availability to run the application.
- CDeploy an S3 gateway endpoint to the VPC. Configure the EC2 instances to access the S3
- DDeploy an S3 interface endpoint to the VPC. Configure the EC2 instances to access the S3
Explanation
Using S3 gateway endpoints allows private and cost-free access to S3 without routing traffic through a NAT gateway. NAT gateway traffic incurs charges, especially when used across multiple Availability Zones. By using an S3 gateway endpoint, EC2 instances in private subnets can access S3 directly without needing internet access, reducing both data transfer and NAT gateway costs. Interface endpoints are more expensive and typically used for services like API Gateway or Systems
Community Discussion
No community discussion yet for this question.